<!DOCTYPE html><html><head>
<title>sha256 - SHA-x Message-Digest Algorithm</title>
<style type="text/css"><!--
    HTML {
	background: 	#FFFFFF;
	color: 		black;
    }
    BODY {
	background: 	#FFFFFF;
	color:	 	black;
    }
    DIV.doctools {
	margin-left:	10%;
	margin-right:	10%;
    }
    DIV.doctools H1,DIV.doctools H2 {
	margin-left:	-5%;
    }
    H1, H2, H3, H4 {
	margin-top: 	1em;
	font-family:	sans-serif;
	font-size:	large;
	color:		#005A9C;
	background: 	transparent;
	text-align:		left;
    }
    H1.doctools_title {
	text-align: center;
    }
    UL,OL {
	margin-right: 0em;
	margin-top: 3pt;
	margin-bottom: 3pt;
    }
    UL LI {
	list-style: disc;
    }
    OL LI {
	list-style: decimal;
    }
    DT {
	padding-top: 	1ex;
    }
    UL.doctools_toc,UL.doctools_toc UL, UL.doctools_toc UL UL {
	font:		normal 12pt/14pt sans-serif;
	list-style:	none;
    }
    LI.doctools_section, LI.doctools_subsection {
	list-style: 	none;
	margin-left: 	0em;
	text-indent:	0em;
	padding: 	0em;
    }
    PRE {
	display: 	block;
	font-family:	monospace;
	white-space:	pre;
	margin:		0%;
	padding-top:	0.5ex;
	padding-bottom:	0.5ex;
	padding-left:	1ex;
	padding-right:	1ex;
	width:		100%;
    }
    PRE.doctools_example {
	color: 		black;
	background: 	#f5dcb3;
	border:		1px solid black;
    }
    UL.doctools_requirements LI, UL.doctools_syntax LI {
	list-style: 	none;
	margin-left: 	0em;
	text-indent:	0em;
	padding:	0em;
    }
    DIV.doctools_synopsis {
	color: 		black;
	background: 	#80ffff;
	border:		1px solid black;
	font-family:	serif;
	margin-top: 	1em;
	margin-bottom: 	1em;
    }
    UL.doctools_syntax {
	margin-top: 	1em;
	border-top:	1px solid black;
    }
    UL.doctools_requirements {
	margin-bottom: 	1em;
	border-bottom:	1px solid black;
    }
--></style>
</head>
<!-- Generated from file 'sha256.man' by tcllib/doctools with format 'html'
   -->
<!-- Copyright &amp;copy; 2008, Andreas Kupries &amp;lt;andreas_kupries@users.sourceforge.net&amp;gt;
   -->
<!-- sha256.n
   -->
<body><hr> [
   <a href="../../../../../../../../home">Tcllib Home</a>
&#124; <a href="../../../../toc.html">Main Table Of Contents</a>
&#124; <a href="../../../toc.html">Table Of Contents</a>
&#124; <a href="../../../../index.html">Keyword Index</a>
&#124; <a href="../../../../toc0.html">Categories</a>
&#124; <a href="../../../../toc1.html">Modules</a>
&#124; <a href="../../../../toc2.html">Applications</a>
 ] <hr>
<div class="doctools">
<h1 class="doctools_title">sha256(n) 1.0.4 tcllib &quot;SHA-x Message-Digest Algorithm&quot;</h1>
<div id="name" class="doctools_section"><h2><a name="name">Name</a></h2>
<p>sha256 - SHA256 Message-Digest Algorithm</p>
</div>
<div id="toc" class="doctools_section"><h2><a name="toc">Table Of Contents</a></h2>
<ul class="doctools_toc">
<li class="doctools_section"><a href="#toc">Table Of Contents</a></li>
<li class="doctools_section"><a href="#synopsis">Synopsis</a></li>
<li class="doctools_section"><a href="#section1">Description</a></li>
<li class="doctools_section"><a href="#section2">COMMANDS</a></li>
<li class="doctools_section"><a href="#section3">PROGRAMMING INTERFACE</a></li>
<li class="doctools_section"><a href="#section4">EXAMPLES</a></li>
<li class="doctools_section"><a href="#section5">REFERENCES</a></li>
<li class="doctools_section"><a href="#section6">Bugs, Ideas, Feedback</a></li>
<li class="doctools_section"><a href="#see-also">See Also</a></li>
<li class="doctools_section"><a href="#keywords">Keywords</a></li>
<li class="doctools_section"><a href="#category">Category</a></li>
<li class="doctools_section"><a href="#copyright">Copyright</a></li>
</ul>
</div>
<div id="synopsis" class="doctools_section"><h2><a name="synopsis">Synopsis</a></h2>
<div class="doctools_synopsis">
<ul class="doctools_requirements">
<li>package require <b class="pkgname">Tcl 8.2</b></li>
<li>package require <b class="pkgname">sha256 <span class="opt">?1.0.4?</span></b></li>
</ul>
<ul class="doctools_syntax">
<li><a href="#1"><b class="cmd">::sha2::sha256</b> <span class="opt">?<b class="option">-hex|-bin</b>?</span> [ <b class="option">-channel channel</b> | <b class="option">-file filename</b> | <span class="opt">?<b class="option">--</b>?</span> <i class="arg">string</i> ]</a></li>
<li><a href="#2"><b class="cmd">::sha2::sha224</b> <span class="opt">?<b class="option">-hex|-bin</b>?</span> [ <b class="option">-channel channel</b> | <b class="option">-file filename</b> | <span class="opt">?<b class="option">--</b>?</span> <i class="arg">string</i> ]</a></li>
<li><a href="#3"><b class="cmd">::sha2::hmac</b> <i class="arg">key</i> <i class="arg">string</i></a></li>
<li><a href="#4"><b class="cmd">::sha2::hmac</b> <span class="opt">?<b class="option">-hex|-bin</b>?</span> <b class="option">-key key</b> [ <b class="option">-channel channel</b> | <b class="option">-file filename</b> | <span class="opt">?<b class="option">--</b>?</span> <i class="arg">string</i> ]</a></li>
<li><a href="#5"><b class="cmd">::sha2::SHA256Init</b></a></li>
<li><a href="#6"><b class="cmd">::sha2::SHA224Init</b></a></li>
<li><a href="#7"><b class="cmd">::sha2::SHA256Update</b> <i class="arg">token</i> <i class="arg">data</i></a></li>
<li><a href="#8"><b class="cmd">::sha2::SHA256Final</b> <i class="arg">token</i></a></li>
<li><a href="#9"><b class="cmd">::sha2::SHA224Final</b> <i class="arg">token</i></a></li>
<li><a href="#10"><b class="cmd">::sha2::HMACInit</b> <i class="arg">key</i></a></li>
<li><a href="#11"><b class="cmd">::sha2::HMACUpdate</b> <i class="arg">token</i> <i class="arg">data</i></a></li>
<li><a href="#12"><b class="cmd">::sha2::HMACFinal</b> <i class="arg">token</i></a></li>
</ul>
</div>
</div>
<div id="section1" class="doctools_section"><h2><a name="section1">Description</a></h2>
<p>This package provides an implementation in Tcl of the SHA256 and
SHA224 message-digest algorithms as specified by FIPS PUB 180-1
(1). These algorithms take a message and generates a 256-bit (224-bit)
digest from the input. The SHA2 algorithms are related to the SHA1
algorithm.</p>
<p>This package also includes support for creating keyed message-digests
using the HMAC algorithm from RFC 2104 (3) with SHA256 as the
message-digest.</p>
</div>
<div id="section2" class="doctools_section"><h2><a name="section2">COMMANDS</a></h2>
<dl class="doctools_definitions">
<dt><a name="1"><b class="cmd">::sha2::sha256</b> <span class="opt">?<b class="option">-hex|-bin</b>?</span> [ <b class="option">-channel channel</b> | <b class="option">-file filename</b> | <span class="opt">?<b class="option">--</b>?</span> <i class="arg">string</i> ]</a></dt>
<dd><p>The command takes a message and returns the SHA256 digest of this
message as a hexadecimal string. You may request the result as binary
data by giving <i class="arg">-bin</i>.</p>
<p>The data to be hashed can be specified either as a string argument to
the <b class="cmd">sha256</b> command, or as a filename or a pre-opened channel. If the
<i class="arg">-filename</i> argument is given then the file is opened, the data read
and hashed and the file is closed. If the <i class="arg">-channel</i> argument is
given then data is read from the channel until the end of file. The
channel is not closed. <em>NOTE</em> use of the channel or filename
options results in the internal use of <b class="cmd"><a href="../../../../index.html#vwait">vwait</a></b>. To avoid nested
event loops in Tk or tclhttpd applications you should use the
incremental programming API (see below).</p>
<p>Only one of <i class="arg">-file</i>, <i class="arg">-channel</i> or <i class="arg">string</i> should be given.</p>
<p>If the <i class="arg">string</i> to hash can be mistaken for an option
(leading dash &quot;-&quot;), use the option <b class="option">--</b> before it to terminate
option processing and force interpretation as a string.</p></dd>
<dt><a name="2"><b class="cmd">::sha2::sha224</b> <span class="opt">?<b class="option">-hex|-bin</b>?</span> [ <b class="option">-channel channel</b> | <b class="option">-file filename</b> | <span class="opt">?<b class="option">--</b>?</span> <i class="arg">string</i> ]</a></dt>
<dd><p>Like <b class="cmd">::sha2::sha256</b>, except that the SHA224 digest is returned.</p></dd>
<dt><a name="3"><b class="cmd">::sha2::hmac</b> <i class="arg">key</i> <i class="arg">string</i></a></dt>
<dd></dd>
<dt><a name="4"><b class="cmd">::sha2::hmac</b> <span class="opt">?<b class="option">-hex|-bin</b>?</span> <b class="option">-key key</b> [ <b class="option">-channel channel</b> | <b class="option">-file filename</b> | <span class="opt">?<b class="option">--</b>?</span> <i class="arg">string</i> ]</a></dt>
<dd><p>Calculate an Hashed Message Authentication digest (HMAC) using the
SHA256 digest algorithm. HMACs are described in RFC 2104 (3) and
provide an SHA256 digest that includes a key. All options other than
<i class="arg">-key</i> are as for the <b class="cmd">::sha2::sha256</b> command.</p>
<p>If the <i class="arg">string</i> to hash can be mistaken for an option
(leading dash &quot;-&quot;), use the option <b class="option">--</b> before it to terminate
option processing and force interpretation as a string.</p></dd>
</dl>
</div>
<div id="section3" class="doctools_section"><h2><a name="section3">PROGRAMMING INTERFACE</a></h2>
<p>For the programmer, the SHA256 hash can be viewed as a bucket into
which one pours data. When you have finished, you extract a value that
is derived from the data that was poured into the bucket. The
programming interface to the SHA256 hash operates on a token
(equivalent to the bucket). You call <b class="cmd">SHA256Init</b> to obtain a
token and then call <b class="cmd">SHA256Update</b> as many times as required to
add data to the hash. To release any resources and obtain the hash
value, you then call <b class="cmd">SHA256Final</b>. An equivalent set of
functions gives you a keyed digest (HMAC).</p>
<p>If you have <b class="package">critcl</b> and have built the <b class="package">tcllibc</b>
package then the implementation of the hashing function will be
performed by compiled code. Failing that there is a pure-tcl
equivalent. The programming interface remains the same in all cases.</p>
<dl class="doctools_definitions">
<dt><a name="5"><b class="cmd">::sha2::SHA256Init</b></a></dt>
<dd></dd>
<dt><a name="6"><b class="cmd">::sha2::SHA224Init</b></a></dt>
<dd><p>Begins a new SHA256/SHA224 hash. Returns a token ID that must be used
for the remaining functions.</p></dd>
<dt><a name="7"><b class="cmd">::sha2::SHA256Update</b> <i class="arg">token</i> <i class="arg">data</i></a></dt>
<dd><p>Add data to the hash identified by token. Calling
<em>SHA256Update $token &quot;abcd&quot;</em> is equivalent to calling
<em>SHA256Update $token &quot;ab&quot;</em> followed by
<em>SHA256Update $token &quot;cb&quot;</em>. See <span class="sectref"><a href="#section4">EXAMPLES</a></span>.
Note that this command is used for both SHA256 and SHA224. Only the
initialization and finalization commands of both hashes differ.</p></dd>
<dt><a name="8"><b class="cmd">::sha2::SHA256Final</b> <i class="arg">token</i></a></dt>
<dd></dd>
<dt><a name="9"><b class="cmd">::sha2::SHA224Final</b> <i class="arg">token</i></a></dt>
<dd><p>Returns the hash value and releases any resources held by this
token. Once this command completes the token will be invalid. The
result is a binary string of 32/28 bytes representing the 256/224 bit
SHA256 / SHA224 digest value.</p></dd>
<dt><a name="10"><b class="cmd">::sha2::HMACInit</b> <i class="arg">key</i></a></dt>
<dd><p>This is equivalent to the <b class="cmd">::sha2::SHA256Init</b> command except
that it requires the key that will be included in the HMAC.</p></dd>
<dt><a name="11"><b class="cmd">::sha2::HMACUpdate</b> <i class="arg">token</i> <i class="arg">data</i></a></dt>
<dd></dd>
<dt><a name="12"><b class="cmd">::sha2::HMACFinal</b> <i class="arg">token</i></a></dt>
<dd><p>These commands are identical to the SHA256 equivalent commands.</p></dd>
</dl>
</div>
<div id="section4" class="doctools_section"><h2><a name="section4">EXAMPLES</a></h2>
<pre class="doctools_example">
% sha2::sha256 &quot;Tcl does SHA256&quot;
0b91043ee484abd83c3e4b08d6034d71b937026379f0f59bda6e625e6e214789
</pre>
<pre class="doctools_example">
% sha2::hmac Sekret &quot;Tcl does SHA256&quot;
4f9352c64d655e8a36abe73e6163a9d7a54039877c1c92ec90b07d48d4e854e0
</pre>
<pre class="doctools_example">
% set tok [sha2::SHA256Init]
::sha2::1
% sha2::SHA256Update $tok &quot;Tcl &quot;
% sha2::SHA256Update $tok &quot;does &quot;
% sha2::SHA256Update $tok &quot;SHA256&quot;
% sha2::Hex [sha2::SHA256Final $tok]
0b91043ee484abd83c3e4b08d6034d71b937026379f0f59bda6e625e6e214789
</pre>
</div>
<div id="section5" class="doctools_section"><h2><a name="section5">REFERENCES</a></h2>
<ol class="doctools_enumerated">
<li><p>&quot;Secure Hash Standard&quot;, National Institute of Standards
        and Technology, U.S. Department Of Commerce, April 1995.
	(<a href="http://www.itl.nist.gov/fipspubs/fip180-1.htm">http://www.itl.nist.gov/fipspubs/fip180-1.htm</a>)</p></li>
<li><p>Rivest, R., &quot;The MD4 Message Digest Algorithm&quot;, RFC 1320, MIT,
       April 1992. (<a href="http://www.rfc-editor.org/rfc/rfc1320.txt">http://www.rfc-editor.org/rfc/rfc1320.txt</a>)</p></li>
<li><p>Krawczyk, H., Bellare, M. and Canetti, R. &quot;HMAC: Keyed-Hashing for
      Message Authentication&quot;, RFC 2104, February 1997.
	(<a href="http://www.rfc-editor.org/rfc/rfc2104.txt">http://www.rfc-editor.org/rfc/rfc2104.txt</a>)</p></li>
</ol>
</div>
<div id="section6" class="doctools_section"><h2><a name="section6">Bugs, Ideas, Feedback</a></h2>
<p>This document, and the package it describes, will undoubtedly contain
bugs and other problems.
Please report such in the category <em>sha1</em> of the
<a href="http://core.tcl.tk/tcllib/reportlist">Tcllib Trackers</a>.
Please also report any ideas for enhancements you may have for either
package and/or documentation.</p>
<p>When proposing code changes, please provide <em>unified diffs</em>,
i.e the output of <b class="const">diff -u</b>.</p>
<p>Note further that <em>attachments</em> are strongly preferred over
inlined patches. Attachments can be made by going to the <b class="const">Edit</b>
form of the ticket immediately after its creation, and then using the
left-most button in the secondary navigation bar.</p>
</div>
<div id="see-also" class="doctools_section"><h2><a name="see-also">See Also</a></h2>
<p><a href="../md4/md4.html">md4</a>, <a href="../md5/md5.html">md5</a>, <a href="../ripemd/ripemd128.html">ripemd128</a>, <a href="../ripemd/ripemd160.html">ripemd160</a>, <a href="sha1.html">sha1</a></p>
</div>
<div id="keywords" class="doctools_section"><h2><a name="keywords">Keywords</a></h2>
<p><a href="../../../../index.html#fips_180_1">FIPS 180-1</a>, <a href="../../../../index.html#hashing">hashing</a>, <a href="../../../../index.html#message_digest">message-digest</a>, <a href="../../../../index.html#rfc_2104">rfc 2104</a>, <a href="../../../../index.html#security">security</a>, <a href="../../../../index.html#sha256">sha256</a></p>
</div>
<div id="category" class="doctools_section"><h2><a name="category">Category</a></h2>
<p>Hashes, checksums, and encryption</p>
</div>
<div id="copyright" class="doctools_section"><h2><a name="copyright">Copyright</a></h2>
<p>Copyright &copy; 2008, Andreas Kupries &lt;andreas_kupries@users.sourceforge.net&gt;</p>
</div>
</div></body></html>
